Critical vulnerabilities affecting F5 devices

2:00pm, 12 March 2021

TLP Rating: Clear

F5 has released security updates for a series of critical vulnerabilities in its BIG-IP and BIG-IQ devices. One of these vulnerabilities would allow a user with unauthenticated access to the iControl interface to achieve remote code execution and compromise the device.

The updates also address authenticated remote code execution vulnerabilities and denial-of-service vulnerabilities which can be remotely exploited by an unauthenticated user, and may lead to remote code execution.

What's happening

Systems affected

BIG-IP versions:

  • 16.0.0 - 16.0.1
  • 15.1.0 - 15.1.2
  • 14.1.0 - 14.1.3.1
  • 13.1.0 - 13.1.3.5
  • 12.1.0 - 12.1.5.2

BIG-IQ versions:

  • 7.1.0 - 7.1.0.2
  • 7.0.0 - 7.0.0.1
  • 6.0.0 - 6.1.0

What this means

F5 has issued security updates to address these vulnerabilities for the affected versions, detailed above. For further information on the specific vulnerabilities, see their advisory.

F5’s advisory

What to look for

How to tell if you're at risk

You could be affected by these vulnerabilities if you're using the versions of BIG-IP or BIG-IQ detailed above. Please see the F5 advisory to determine which vulnerabilities are likely to affect your devices.
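The check described above can be run over a device inventory. The following is an added example, not code from CERT NZ or F5: it compares version strings against the ranges listed under "Systems affected". The hostnames and the inventory layout are constructed for illustration, and versions are assumed to be dotted numeric strings of up to four parts.

```python
# Inclusive (low, high) version ranges copied from "Systems affected" above.
AFFECTED = {
    "BIG-IP": [("16.0.0", "16.0.1"), ("15.1.0", "15.1.2"),
               ("14.1.0", "14.1.3.1"), ("13.1.0", "13.1.3.5"),
               ("12.1.0", "12.1.5.2")],
    "BIG-IQ": [("7.1.0", "7.1.0.2"), ("7.0.0", "7.0.0.1"),
               ("6.0.0", "6.1.0")],
}

def parse_version(text, width=4):
    """Turn '14.1.3.1' into (14, 1, 3, 1), zero-padded so '16.0.1' equals '16.0.1.0'."""
    parts = [int(p) for p in text.strip().split(".")]  # ValueError if not numeric
    if len(parts) > width:
        raise ValueError(f"unexpected version format: {text!r}")
    return tuple(parts + [0] * (width - len(parts)))

def is_affected(product, version):
    """True if the version lies inside any range listed for the product."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi)
               for lo, hi in AFFECTED.get(product.upper(), []))

def triage(inventory):
    """Split (host, product, version) rows into affected, clear and unparsed hosts."""
    affected, clear, unparsed = [], [], []
    for host, product, version in inventory:
        try:
            (affected if is_affected(product, version) else clear).append(host)
        except ValueError:
            unparsed.append(host)  # check by hand; never treat as unaffected
    return affected, clear, unparsed

# Constructed sample inventory (hostnames and version assignments are illustrative).
SAMPLE = [
    ("lb-edge-01", "BIG-IP", "16.0.1"),    # top of a listed range
    ("lb-edge-02", "BIG-IP", "16.0.1.1"),  # just above that range
    ("lb-core-01", "BIG-IP", "14.1.3.1"),  # four-part upper bound
    ("lb-core-02", "BIG-IP", "14.1.4"),    # above the 14.1.x range
    ("iq-mgmt-01", "BIG-IQ", "7.1.0.2"),
    ("lb-lab-01", "BIG-IP", "unknown"),    # version not recorded
]

if __name__ == "__main__":
    for label, hosts in zip(("affected", "clear", "unparsed"), triage(SAMPLE)):
        print(f"{label}: {', '.join(hosts) or '-'}")
```

A host in the affected list still needs checking against the F5 advisory to see which of the vulnerabilities apply to its configuration.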

What to do

Prevention

CERT NZ recommends that you update your devices with the latest security updates released by F5 as soon as possible.

Mitigation

Mitigation advice is available in the F5 advisory, such as restricting access to the control plane interfaces (iControl/TMUI), along with any configuration-specific mitigations. However, CERT NZ strongly recommends that users of affected F5 products apply the security updates as soon as possible.

More information

F5’s advisory

F5’s FAQs on the vulnerabilities

If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.

Report an incident to CERT NZ

For media enquiries, email our media desk at certmedia@cert.govt.nz or call on 021 854 384.